An Android Applications Vulnerability Analysis Using MobSF

Shujahat Ali Khan, Muhammad Adnan, Ahtasham Ali, Ali Raza, Asim Ali, Syed Zohaib Hassan Naqvi, Tehseen Hussain

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in Proceedingspeer-review

1 Citation (Scopus)

Abstract

The reality that so many third-party applications for Android have security flaws that allow thieves access is one of the main drawbacks of using them. The primary cause of the compromise is that, when implementing the source code, the developer focused more on the application's functionality than on its confidentiality, integrity, and authentication. As a result, safeguarding sensitive data used by users of mobile applications became extremely difficult due to privacy breaches. This study looks at how to analyze Android code to identify the fundamental causes of vulnerabilities that are discovered in it. A Mobile Security Platform (MobSF) was utilized to perform comprehensive and dynamic evaluations of Android applications. This required looking at the source code-The code written by developers-As well as the binary code, which is the code that can be executed by devices. It also involved using a method called common weakness enumeration to find known vulnerabilities. Identifying vulnerabilities in the source code itself and any additional security holes in the application was the aim. Typically, the adversary inserts malicious strings and backdoors into the applications to gain access and steal sensitive data. MobSF is an Android app analysis tool with a graphical user interface. MobSF is an Android app analysis tool with a graphical user interface. Although it can analyze apps both statically (by analyzing the code) and dynamically (by running the app), our primary goal is to detect potential security flaws or weaknesses in the Java code that developers write.

Original languageEnglish
Title of host publicationProceedings - 2024 International Conference on Engineering and Computing, ICECT 2024
Place of PublicationUnited States
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages1-7
Number of pages7
ISBN (Electronic)9798350349719
ISBN (Print)9798350349726
DOIs
Publication statusPublished - 23 May 2024
Event2024 International Conference on Engineering and Computing, ICECT 2024 - Islamabad, Pakistan
Duration: 23 May 2024 → …

Publication series

NameProceedings - 2024 International Conference on Engineering and Computing, ICECT 2024

Conference

Conference2024 International Conference on Engineering and Computing, ICECT 2024
Country/TerritoryPakistan
CityIslamabad
Period23/05/24 → …

Bibliographical note

Publisher Copyright:
© 2024 IEEE.

Fingerprint

Dive into the research topics of 'An Android Applications Vulnerability Analysis Using MobSF'. Together they form a unique fingerprint.

Cite this